[RADIATOR] EAP-TTLS missing reply attributes from inner-accept

Heikki Vatiainen hvn at open.com.au
Mon Jun 9 14:11:43 CDT 2014


On 06/09/2014 05:29 PM, Chance, Christopher M. wrote:
> I narrowed down the problem, the SQL command is sending NULL as the
> NAS_IP_Address which is causing some issues in the stored procedure for
> sql, is there a way to manually set the NAS_IP before the SQL runs?

See AddToRequestIfNotExists option. You can specify it in, for example,
Client and Handler clauses.

> In addition is it possible to force a authrequest to fail if the
> additional Radius Attributes (cambium-wahtever) is not included in the sql?

Maybe you could change the SQL procedure to add 'Auth-Type=Reject:...'
reply attribute in this case? For example:

AuthColumnDef n,Auth-Type,reply

where n is a suitable column number. When cambium-whatever is present, a
NULL is returned, otherwise the procedure returns 'Reject:...'. See the
reference manual for more about the Auth-Type reply item.

Another possibility is to use PostAuthHook to examine the current reply
and switch it to a reject.

PS: Please note your message did not get to the list since you seem to
be using a different address than previously.

Thanks,
Heikki


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list